2
0

18-dtls-renegotiate.cnf 7.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285
  1. # Generated with generate_ssl_tests.pl
  2. num_tests = 9
  3. test-0 = 0-renegotiate-client-no-resume
  4. test-1 = 1-renegotiate-client-resume
  5. test-2 = 2-renegotiate-server-resume
  6. test-3 = 3-renegotiate-client-auth-require
  7. test-4 = 4-renegotiate-client-auth-once
  8. test-5 = 5-renegotiate-aead-to-non-aead
  9. test-6 = 6-renegotiate-non-aead-to-aead
  10. test-7 = 7-renegotiate-non-aead-to-non-aead
  11. test-8 = 8-renegotiate-aead-to-aead
  12. # ===========================================================
  13. [0-renegotiate-client-no-resume]
  14. ssl_conf = 0-renegotiate-client-no-resume-ssl
  15. [0-renegotiate-client-no-resume-ssl]
  16. server = 0-renegotiate-client-no-resume-server
  17. client = 0-renegotiate-client-no-resume-client
  18. [0-renegotiate-client-no-resume-server]
  19. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  20. CipherString = DEFAULT:@SECLEVEL=0
  21. Options = NoResumptionOnRenegotiation
  22. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  23. [0-renegotiate-client-no-resume-client]
  24. CipherString = DEFAULT:@SECLEVEL=0
  25. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  26. VerifyMode = Peer
  27. [test-0]
  28. ExpectedResult = Success
  29. HandshakeMode = RenegotiateClient
  30. Method = DTLS
  31. ResumptionExpected = No
  32. UseSCTP = No
  33. # ===========================================================
  34. [1-renegotiate-client-resume]
  35. ssl_conf = 1-renegotiate-client-resume-ssl
  36. [1-renegotiate-client-resume-ssl]
  37. server = 1-renegotiate-client-resume-server
  38. client = 1-renegotiate-client-resume-client
  39. [1-renegotiate-client-resume-server]
  40. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  41. CipherString = DEFAULT:@SECLEVEL=0
  42. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  43. [1-renegotiate-client-resume-client]
  44. CipherString = DEFAULT:@SECLEVEL=0
  45. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  46. VerifyMode = Peer
  47. [test-1]
  48. ExpectedResult = Success
  49. HandshakeMode = RenegotiateClient
  50. Method = DTLS
  51. ResumptionExpected = Yes
  52. UseSCTP = No
  53. # ===========================================================
  54. [2-renegotiate-server-resume]
  55. ssl_conf = 2-renegotiate-server-resume-ssl
  56. [2-renegotiate-server-resume-ssl]
  57. server = 2-renegotiate-server-resume-server
  58. client = 2-renegotiate-server-resume-client
  59. [2-renegotiate-server-resume-server]
  60. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  61. CipherString = DEFAULT:@SECLEVEL=0
  62. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  63. [2-renegotiate-server-resume-client]
  64. CipherString = DEFAULT:@SECLEVEL=0
  65. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  66. VerifyMode = Peer
  67. [test-2]
  68. ExpectedResult = Success
  69. HandshakeMode = RenegotiateServer
  70. Method = DTLS
  71. ResumptionExpected = No
  72. UseSCTP = No
  73. # ===========================================================
  74. [3-renegotiate-client-auth-require]
  75. ssl_conf = 3-renegotiate-client-auth-require-ssl
  76. [3-renegotiate-client-auth-require-ssl]
  77. server = 3-renegotiate-client-auth-require-server
  78. client = 3-renegotiate-client-auth-require-client
  79. [3-renegotiate-client-auth-require-server]
  80. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  81. CipherString = DEFAULT:@SECLEVEL=0
  82. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  83. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  84. VerifyMode = Require
  85. [3-renegotiate-client-auth-require-client]
  86. Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  87. CipherString = DEFAULT:@SECLEVEL=0
  88. PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  89. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  90. VerifyMode = Peer
  91. [test-3]
  92. ExpectedResult = Success
  93. HandshakeMode = RenegotiateServer
  94. Method = DTLS
  95. ResumptionExpected = No
  96. UseSCTP = No
  97. # ===========================================================
  98. [4-renegotiate-client-auth-once]
  99. ssl_conf = 4-renegotiate-client-auth-once-ssl
  100. [4-renegotiate-client-auth-once-ssl]
  101. server = 4-renegotiate-client-auth-once-server
  102. client = 4-renegotiate-client-auth-once-client
  103. [4-renegotiate-client-auth-once-server]
  104. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  105. CipherString = DEFAULT:@SECLEVEL=0
  106. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  107. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
  108. VerifyMode = Once
  109. [4-renegotiate-client-auth-once-client]
  110. Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
  111. CipherString = DEFAULT:@SECLEVEL=0
  112. PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
  113. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  114. VerifyMode = Peer
  115. [test-4]
  116. ExpectedResult = Success
  117. HandshakeMode = RenegotiateServer
  118. Method = DTLS
  119. ResumptionExpected = No
  120. UseSCTP = No
  121. # ===========================================================
  122. [5-renegotiate-aead-to-non-aead]
  123. ssl_conf = 5-renegotiate-aead-to-non-aead-ssl
  124. [5-renegotiate-aead-to-non-aead-ssl]
  125. server = 5-renegotiate-aead-to-non-aead-server
  126. client = 5-renegotiate-aead-to-non-aead-client
  127. [5-renegotiate-aead-to-non-aead-server]
  128. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  129. CipherString = DEFAULT
  130. Options = NoResumptionOnRenegotiation
  131. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  132. [5-renegotiate-aead-to-non-aead-client]
  133. CipherString = AES128-GCM-SHA256
  134. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  135. VerifyMode = Peer
  136. [test-5]
  137. ExpectedResult = Success
  138. HandshakeMode = RenegotiateClient
  139. Method = DTLS
  140. ResumptionExpected = No
  141. UseSCTP = No
  142. client = 5-renegotiate-aead-to-non-aead-client-extra
  143. [5-renegotiate-aead-to-non-aead-client-extra]
  144. RenegotiateCiphers = AES128-SHA
  145. # ===========================================================
  146. [6-renegotiate-non-aead-to-aead]
  147. ssl_conf = 6-renegotiate-non-aead-to-aead-ssl
  148. [6-renegotiate-non-aead-to-aead-ssl]
  149. server = 6-renegotiate-non-aead-to-aead-server
  150. client = 6-renegotiate-non-aead-to-aead-client
  151. [6-renegotiate-non-aead-to-aead-server]
  152. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  153. CipherString = DEFAULT
  154. Options = NoResumptionOnRenegotiation
  155. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  156. [6-renegotiate-non-aead-to-aead-client]
  157. CipherString = AES128-SHA
  158. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  159. VerifyMode = Peer
  160. [test-6]
  161. ExpectedResult = Success
  162. HandshakeMode = RenegotiateClient
  163. Method = DTLS
  164. ResumptionExpected = No
  165. UseSCTP = No
  166. client = 6-renegotiate-non-aead-to-aead-client-extra
  167. [6-renegotiate-non-aead-to-aead-client-extra]
  168. RenegotiateCiphers = AES128-GCM-SHA256
  169. # ===========================================================
  170. [7-renegotiate-non-aead-to-non-aead]
  171. ssl_conf = 7-renegotiate-non-aead-to-non-aead-ssl
  172. [7-renegotiate-non-aead-to-non-aead-ssl]
  173. server = 7-renegotiate-non-aead-to-non-aead-server
  174. client = 7-renegotiate-non-aead-to-non-aead-client
  175. [7-renegotiate-non-aead-to-non-aead-server]
  176. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  177. CipherString = DEFAULT
  178. Options = NoResumptionOnRenegotiation
  179. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  180. [7-renegotiate-non-aead-to-non-aead-client]
  181. CipherString = AES128-SHA
  182. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  183. VerifyMode = Peer
  184. [test-7]
  185. ExpectedResult = Success
  186. HandshakeMode = RenegotiateClient
  187. Method = DTLS
  188. ResumptionExpected = No
  189. UseSCTP = No
  190. client = 7-renegotiate-non-aead-to-non-aead-client-extra
  191. [7-renegotiate-non-aead-to-non-aead-client-extra]
  192. RenegotiateCiphers = AES256-SHA
  193. # ===========================================================
  194. [8-renegotiate-aead-to-aead]
  195. ssl_conf = 8-renegotiate-aead-to-aead-ssl
  196. [8-renegotiate-aead-to-aead-ssl]
  197. server = 8-renegotiate-aead-to-aead-server
  198. client = 8-renegotiate-aead-to-aead-client
  199. [8-renegotiate-aead-to-aead-server]
  200. Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
  201. CipherString = DEFAULT
  202. Options = NoResumptionOnRenegotiation
  203. PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
  204. [8-renegotiate-aead-to-aead-client]
  205. CipherString = AES128-GCM-SHA256
  206. VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
  207. VerifyMode = Peer
  208. [test-8]
  209. ExpectedResult = Success
  210. HandshakeMode = RenegotiateClient
  211. Method = DTLS
  212. ResumptionExpected = No
  213. UseSCTP = No
  214. client = 8-renegotiate-aead-to-aead-client-extra
  215. [8-renegotiate-aead-to-aead-client-extra]
  216. RenegotiateCiphers = AES256-GCM-SHA384